#define OS_FD_SETSIZE FD_SETSIZE
....
struct OsFdSet
{
fd_set s[OS_FD_SETSIZE / FD_SETSIZE];
};
I cannot see any number in this line. We do not have any numbers in this file…
- cpp (windows VS build)
- SonarQube (9.9 LTS)
Hey there.
Please take the time to review this post:
Which specifies that, among other things, you need to share a text-snippet of code, not a screenshot.
I swear I have read this and it said “screenshots ok”. I guess i missread. Nevermind… Edited initial post.
Hello @KUGA2,
Thank you for reporting this false positive!
Could you please send me additional information to help me reproduce the issue? I did not succeed with the current information, maybe because my configuration differs from yours or because the false positive is due to how fd_set is defined.
Specifically, I would need a reproducer. To generate one on SonarQube:
- Search in the analysis log for the full path of a source file that creates this false-positive, i.e., a source file that includes
**_p_fd_set.hwhere the false positive is. You will have to use precisely this name (same case, / or \…) - Add the reproducer option to the scanner configuration:
sonar.cfamily.reproducer=“Full path to the .cpp” - Re-run the scanner to generate a file named sonar-cfamily.reproducer in the project folder.
If you think the reproducer file contains private information, let me know, and I’ll send you a private message allowing you to send the file privately.
Cheers,
Amélie
I hesitate sending the sonar-cfamily-reproducer.zip (!) file because it contains a lot of sensitive information (paths, compile_commands.json).
I was able to reproduce it with a simple:
sq.cpp
#include "os_p_fd_set.h" // OsFdSet
os_p_fd_set.h
#ifndef OS_P_FD_SET_H
#define OS_P_FD_SET_H
#include <sys/select.h> // fd_set, FD_SETSIZE
#define OS_FD_SETSIZE (2 * FD_SETSIZE)
// Aggregation of n fd_set elements
struct OsFdSet
{
fd_set s[OS_FD_SETSIZE / FD_SETSIZE];
};
#endif // OS_P_FD_SET_H
So should you, I guess. Can you try again before I ask my supervisor if I can share it.
Btw: Is it normal, that the analysis fails (some java stacktrace) when I add sonar.cfamily.reproducer?
Hello,
I am sorry, but I still failed to reproduce the issue. (I have one code smell: “Use “std::array” or “std::vector” instead of a C-style array.” but that is it).
The reproducer contains helpful information: the SonarQube version, the compiler version, the compiler options, etc. It enables us to reproduce exactly what you have and ensure our fix will work for your case. I understand this is sensitive information, but it will only be used for debugging.
What about creating a reproducer for your more straightforward example?
Thanks,
Amélie
PS: Yes, it is expected, as the reproducer is for debugging and should not be activated for day-to-day analysis.
For anyone reading here. We had a long back and forth in private messages. We learned that it need this code to reproduce:
#include "os_p_fd_set.h"
void os_socket_select()
{
OsFdSet read;
if (true)
{
OsFdSet readCopy = read;
read = readCopy;
}
}
@Amelie is now looking into that.
3 Likes
Hi @KUGA2, thank you very much for taking the time to report the issue and collaborate with us to track it down and write the minimal example. 
We have identified the reason behind the issue and created CPP-4714 to track work on it.
Best regards,
Michael
2 Likes
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.